Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers.
The domain controllers are configured as shown in the following table.
The Branch site contains a member server named Server1 that runs Windows Server 2012 R2.
You need to identify which domain controller authenticated the computer account of Server1.
What should you do?
A.
Verify the value of the %LOGONSERVER% environment variable.
B.
Run nltest /sc_query.
C.
Verify the value of the %SESSIONNAME% environment variable.
D.
Run nltest /dsgetsite.
Explanation:
A)
%LOGONSERVER% is the domain controller that authenticated the current user.
B)
Reports on the state of the secure channel the last time that you used it. (The secure channel is
the one that the NetLogon service established.)
This parameter lists the name of the domain controller that you queried on the secure channel, also.
D)
Returns the name of the site in which the domain controller resides.
http://technet.microsoft.com/en-us/library/cc753915(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc731935(v=ws.10).aspx
why not B ?
/sc_query: reports on the state of the secure channel the last time that you used it.(The secure channel is the one that the NetLogon service established.) This parameter lists the name of the domain controller that you queried on the secure channel also.
I think I’ll go for nltest. I couldn’t find much but I saw in https://blogs.technet.microsoft.com/askpfeplat/2014/06/29/troubleshooting-windows-server-2012-r2-domain-controller-new-sids-a-real-world-example/:
“I commonly observe many users execute the set l command and the resulting LOGONSERVER variable returned to find what domain controller authenticated them. My personal opinion based on empirical evidence is that the nltest.exe output provides more reliable information than the set.exe command for this purpose.”
I also have the idea that %logonserver% shows which DC the logged on user authenticated to, not the computer, but I haven’t found any evidence for this.
I think nltest would be an option if one of the four provided answers would say:
nltest/dsgetdc
…but as this option is not given, the provided answer is correct
(eventho it’s less accurate than nltest/ dsgetdc)